diff --git a/mwg/mwg.py b/mwg/mwg.py
new file mode 100644
index 0000000..1c14cee
--- /dev/null
+++ b/mwg/mwg.py
@@ -0,0 +1,92 @@
+#!/usr/bin/env python
+# 20210907 petbau / https://github.com/mohlcyber/McAfee-Web-Gateway-List-Update
+
+import sys
+import requests
+import json
+import xml.etree.ElementTree as xml
+
+MWG_URL = 'http://1.1.1.1' #url of the web gateway
+MWG_PORT = '4711' #port of the web gateway
+MWG_USER = 'admin' #username
+MWG_PWD = 'password' #password
+VERIFY = False #https verification
+
+def login(headers):
+ auth = {'userName': MWG_USER,
+ 'pass': MWG_PWD}
+
+ res = requests.post(MWG_URL + ':' + MWG_PORT + '/Konfigurator/REST/login', headers=headers, params=auth, verify=VERIFY)
+
+ if res.status_code == 200:
+ print('Successfull logged in')
+ else:
+ print('Something went wrong')
+ sys.exit(1)
+
+ return res.cookies['JSESSIONID']
+
+def get_list_id(headers, cookies, list):
+ params = {'name': list}
+ res = requests.get(MWG_URL + ':' + MWG_PORT + '/Konfigurator/REST/list', headers=headers, cookies=cookies, params=params, verify=VERIFY)
+ res_parse = xml.fromstring(res.content).find('entry/id')
+
+ if res.status_code == 200:
+ print('The ID for the list {0} is: {1}'.format(list, res_parse.text))
+ else:
+ print('Something went wrong')
+ sys.exit(1)
+
+ return res_parse.text
+
+def insert_list(headers, cookies, list, list_id, value):
+ data = '''
+
+
+
+ {}
+
+
+
+
+ '''
+ data = data.format(value)
+
+ res = requests.post(MWG_URL + ':' + MWG_PORT + '/Konfigurator/REST/list/' + list_id + '/entry/0/insert', \
+ headers=headers, cookies=cookies, data=data, verify=VERIFY)
+
+ if res.status_code == 200:
+ print('Successfull added the IP/Domain {0} to the list {1}'.format(value, list))
+ else:
+ print(res.content, 'Something Went Wrong')
+ return res
+
+def commit(headers, cookies):
+ res = requests.post(MWG_URL + ':' + MWG_PORT + '/Konfigurator/REST/commit', headers=headers, cookies=cookies, verify=VERIFY)
+ return res.content
+
+def logout(headers, cookies):
+ res = requests.post(MWG_URL + ':' + MWG_PORT + '/Konfigurator/REST/logout', headers=headers, cookies=cookies, verify=VERIFY)
+
+ if res.status_code == 200:
+ print('Successfull Logged Out')
+ else:
+ print('Something Went Wrong')
+ return res
+
+if __name__ == "__main__":
+
+ list = 'Global Block: Sites' #list to edit
+ value = sys.argv[1]
+
+ headers = {'Content-Type': 'application/xml'}
+
+ cookie = login(headers)
+ cookies = {'JSESSIONID': cookie}
+
+ list_id = get_list_id(headers, cookies, list)
+
+ insert = insert_list(headers, cookies, list, list_id, value)
+ commit = commit(headers, cookies)
+
+ logout = logout(headers, cookies)
diff --git a/postgresql/pg_change_db_owner.sh b/postgresql/pg_change_db_owner.sh
new file mode 100644
index 0000000..1814b72
--- /dev/null
+++ b/postgresql/pg_change_db_owner.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+#
+# The MIT License
+#
+# Copyright 2014-2017 Jakub Jirutka .
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+# Credit: Based on http://stackoverflow.com/a/2686185/305019 by Alex Soto
+
+
+usage() {
+ cat <<- EOF
+ usage: $0 options
+
+ This script changes ownership for all tables, views, sequences and functions in
+ a database schema and also owner of the schema itself.
+
+ Note: If you want to change the ownership of all objects, in the specified database,
+ owned by a database role, then you can simply use command "REASSIGN OWNED".
+
+ OPTIONS:
+ -h Show this message
+ -d Database name
+ -o New owner name
+ -s Schema (defaults to public)
+ EOF
+}
+
+pgexec() {
+ local cmd=$1
+ psql --no-psqlrc --no-align --tuples-only --record-separator=\0 --quiet \
+ --command="$cmd" "$DB_NAME"
+}
+
+pgexec_echo() {
+ local cmd=$1
+ psql --no-psqlrc --no-align --tuples-only --record-separator=\0 --quiet \
+ --echo-queries --command="$cmd" "$DB_NAME"
+}
+
+
+DB_NAME=''
+NEW_OWNER=''
+SCHEMA='public'
+while getopts 'hd:o:s:' OPTION; do
+ case $OPTION in
+ h) usage; exit 1;;
+ d) DB_NAME=$OPTARG;;
+ o) NEW_OWNER=$OPTARG;;
+ s) SCHEMA=$OPTARG;;
+ esac
+done
+
+if [ -z "$DB_NAME" ] || [ -z "$NEW_OWNER" ]; then
+ usage
+ exit 1
+fi
+
+# Using the NULL byte as the separator as its the only character disallowed from PG table names.
+IFS=\0
+
+# Change owner of schema itself.
+pgexec_echo "ALTER SCHEMA \"$SCHEMA\" OWNER TO \"$NEW_OWNER\";"
+
+# Change owner of tables and views.
+for tbl in $(pgexec "SELECT table_name FROM information_schema.tables WHERE table_schema = '$SCHEMA';") \
+ $(pgexec "SELECT table_name FROM information_schema.views WHERE table_schema = '$SCHEMA';"); do
+ pgexec_echo "ALTER TABLE \"$SCHEMA\".\"$tbl\" OWNER TO $NEW_OWNER;"
+done
+
+# Change owner of sequences.
+for seq in $(pgexec "SELECT sequence_name FROM information_schema.sequences WHERE sequence_schema = '$SCHEMA';"); do
+ pgexec_echo "ALTER SEQUENCE \"$SCHEMA\".\"$seq\" OWNER TO $NEW_OWNER;"
+done
+
+# Change owner of functions and procedures.
+for func in $(pgexec "SELECT quote_ident(p.proname) || '(' || pg_catalog.pg_get_function_identity_arguments(p.oid) || ')' \
+ FROM pg_catalog.pg_proc p JOIN pg_catalog.pg_namespace n ON n.oid = p.pronamespace \
+ WHERE n.nspname = '$SCHEMA';"); do
+ pgexec_echo "ALTER FUNCTION \"$SCHEMA\".$func OWNER TO $NEW_OWNER;"
+done
\ No newline at end of file
diff --git a/postgresql/pg_grant_read_to_db.sh b/postgresql/pg_grant_read_to_db.sh
new file mode 100644
index 0000000..171f162
--- /dev/null
+++ b/postgresql/pg_grant_read_to_db.sh
@@ -0,0 +1,75 @@
+#!/bin/sh
+#
+# The MIT License
+#
+# Copyright 2014-2017 Jakub Jirutka .
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+
+usage() {
+ cat <<- EOF
+ usage: $0 options
+
+ This script grants read-only privileges to a specified role on all tables, views
+ and sequences in a database schema and sets them as default.
+
+ OPTIONS:
+ -h Show this message
+ -d Database name
+ -u Role name
+ -s Schema (defaults to public)
+ EOF
+}
+
+pgexec() {
+ local cmd=$1
+ psql --no-psqlrc --no-align --tuples-only --record-separator=\0 --quiet \
+ --echo-queries --command="$cmd" "$DB_NAME"
+}
+
+
+DB_NAME=''
+ROLE=''
+SCHEMA='public'
+while getopts 'hd:u:s:' OPTION; do
+ case $OPTION in
+ h) usage; exit 1;;
+ d) DB_NAME=$OPTARG;;
+ u) ROLE=$OPTARG;;
+ s) SCHEMA=$OPTARG;;
+ esac
+done
+
+if [ -z "$DB_NAME" ] || [ -z "$ROLE" ]; then
+ usage
+ exit 1
+fi
+
+pgexec "GRANT CONNECT ON DATABASE $DB_NAME TO $ROLE;
+GRANT USAGE ON SCHEMA $SCHEMA TO $ROLE;
+GRANT SELECT ON ALL TABLES IN SCHEMA $SCHEMA TO $ROLE;
+GRANT SELECT ON ALL SEQUENCES IN SCHEMA $SCHEMA TO $ROLE;
+ALTER DEFAULT PRIVILEGES IN SCHEMA $SCHEMA GRANT SELECT ON TABLES TO $ROLE;
+ALTER DEFAULT PRIVILEGES IN SCHEMA $SCHEMA GRANT SELECT ON SEQUENCES TO $ROLE;"
+
+# Uncomment to also grant privileges on all functions/procedures in the schema.
+# It's usually NOT what you want - functions can modify data!
+#pgexec "GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA $SCHEMA TO $ROLE;
+#ALTER DEFAULT PRIVILEGES IN SCHEMA $SCHEMA GRANT EXECUTE ON FUNCTIONS TO $ROLE;"
\ No newline at end of file
diff --git a/tcpdump-schedule/.gitkeep b/tcpdump-schedule/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/tcpdump-schedule/README.md b/tcpdump-schedule/README.md
new file mode 100644
index 0000000..62ea34b
--- /dev/null
+++ b/tcpdump-schedule/README.md
@@ -0,0 +1,14 @@
+# tcpdump scripts
+
+- tcpdump_getdata.sh: Capture network traffic, stop with Ctrl-C
+- tcpdump_stop.sh: Stop the tcpdump command (e.g. when using crontab)
+- tcpdump.yml: Ansible Playbook which takes a tcpdump on the remote side(s) and copy it automatically to your server
+
+# crontab
+
+This is the crontab for an example tcpdump which starts at 02:00am and stops at 02:05am.
+
+```
+0 2 * * * bash /tmp/tcpdump_getdata.sh
+5 2 * * * bash /tmp/tcpdump_stop.sh
+```
\ No newline at end of file
diff --git a/tcpdump-schedule/tcpdump.yaml b/tcpdump-schedule/tcpdump.yaml
new file mode 100644
index 0000000..648e918
--- /dev/null
+++ b/tcpdump-schedule/tcpdump.yaml
@@ -0,0 +1,41 @@
+# Ansible Playbook
+- hosts: all
+
+ vars:
+ cap_file: packet_capture_{{ ansible_hostname }}_{{ ansible_date_time['epoch'] }}.pcap
+
+
+ vars_prompt:
+ - name: dur_in_sec
+ prompt: Please specify the runtime duration in sec
+ private: no
+
+ - name: interface
+ prompt: Please specify the interface (e.g. eth0)
+ private: no
+
+ - name: dest_folder
+ prompt: Please specify the destination folder (location on remote server e.g. /var/tmp/)
+ private: no
+
+ - name: filter
+ prompt: Please specify the tcpdump filter (e.g. host 10.10.10.10). For no filter just press enter
+ default: ""
+ private: no
+
+
+ tasks:
+ - name: start tcpdump
+ command: sudo /usr/sbin/tcpdump -G {{ dur_in_sec }} -W 1 -i {{ interface }} -s 0 -w {{ dest_folder}}/{{ cap_file }} {{ filter }}
+
+ - name: compress capture file
+ command: sudo gzip {{cap_file}} chdir={{ dest_folder}}/
+
+ - name: Change file permission
+ command: sudo chmod 755 {{ dest_folder}}/{{cap_file}}.gz
+
+ - name: copy logs to /export/tmp/ansible/
+ fetch: src={{ dest_folder}}/{{cap_file}}.gz dest=/export/tmp/ansible/ flat=yes
+
+ - name: remove files from remote server
+ command: sudo rm -r {{ dest_folder}}/{{cap_file}}.gz
\ No newline at end of file
diff --git a/tcpdump-schedule/tcpdump_getdata.sh b/tcpdump-schedule/tcpdump_getdata.sh
new file mode 100644
index 0000000..9869945
--- /dev/null
+++ b/tcpdump-schedule/tcpdump_getdata.sh
@@ -0,0 +1,8 @@
+INTERFACE=0.0
+PATH=/shared/tmp/pba
+FILENAME=tcpdump-%Y-%m-%d_%H%M%S.pcap
+
+# Execute tcpdump command
+# -W 5 = Limit 5 files
+# -G 60 = Rotate every 60 seconds
+/usr/sbin/tcpdump -K -W 5 -G 60 -nni $INTERFACE -s0 -w "$PATH/$FILENAME"
\ No newline at end of file
diff --git a/tcpdump-schedule/tcpdump_stop.sh b/tcpdump-schedule/tcpdump_stop.sh
new file mode 100644
index 0000000..3e563ca
--- /dev/null
+++ b/tcpdump-schedule/tcpdump_stop.sh
@@ -0,0 +1 @@
+/usr/bin/killall -9 tcpdump
\ No newline at end of file